PHP/MySQL News with Comments - Summing it up and final script (Page 7 of 7 ) Now all that is left to do is writing a little bit of code that will tie everything all together and call the proper functions at the proper time. For that, I will use a case statement and pass a parameter via the URL called action. Then, all I need to do is check action and see what it matches and call the appropriate function. Right about now you are saying, what about adding news? How do I do that? Well, if you don’t want to take this any further, then you will just need to fire up PHPMyAdmin and input it there, or another MySQL client. What you should do is code a way to input the news. It will be very similar to inputting the comments. The one thing you will need to pay attention to is that you don’t want just anyone inputting news. Protect it somehow, whether that be with an .htaccess file or some PHP method. Without further delay, here is the final code. Until we meet again, Happy Coding! <?php
/* user config variables */
$max_items = 5; /* max number of news items to show */
/* make database connection */
$db = mysql_connect ('localhost','root','Berskin99');
mysql_select_db ('test',$db);
function displayNews($all = 0) {
/* bring in two variables
* $db is our database connection
* $max_items is the maximum number
* of news items we want to display */
global $db, $max_items;
/* query for news items */
if ($all == 0) {
/* this query is for up to $max_items */
$query = "SELECT id,title,newstext," .
"DATE_FORMAT(postdate, '%Y-%m-%d') as date " .
"FROM news ORDER BY postdate DESC LIMIT $max_items";
} else {
/* this query will get all news */
$query = "SELECT id,title,newstext," .
"DATE_FORMAT(postdate, '%Y-%m-%d') as date " .
"FROM news ORDER BY postdate DESC";
}
$result = mysql_query ($query);
while ($row = mysql_fetch_assoc ($result)) {
/* display news in a simple table */
echo "<TABLE border=\"1\" width=\"300\">\n";
/* place table row data in
* easier to use variables.
* Here we also make sure no
* HTML tags, other than the
* ones we want are displayed */
$date = $row['date'];
$title = htmlentities ($row['title']);
$news = nl2br (strip_tags ($row['newstext'], '<a><b><i><u>'));
/* display the data */
echo "<TR><TD><b>$title</b> posted on $date</TD></TR>\n";
echo "<TR><TD>$news</TD></TR>\n";
/* get number of comments */
$comment_query = "SELECT count(*) FROM news_comments " .
"WHERE news_id={$row['id']}";
$comment_result = mysql_query ($comment_query);
$comment_row = mysql_fetch_row($comment_result);
/* display number of comments with link */
echo "<TR><TD><a href=\"{$_SERVER['PHP_SELF']}" .
"?action=show&id={$row['id']}\">Comments</a>" .
"($comment_row[0]}</TD></TR>\n";
/* finish up table*/
echo "</TABLE>\n";
echo "<BR>\n";
}
/* if we aren't displaying all news,
* then give a link to do so */
if ($all == 0) {
echo "<a href=\"{$_SERVER['PHP_SELF']}" .
"?action=all\">View all news</a>\n";
}
}
function displayOneItem($id) {
global $db;
/* query for item */
$query = "SELECT * FROM news WHERE id=$id";
$result = mysql_query ($query);
/* if we get no results back, error out */
if (mysql_num_rows ($result) == 0) {
echo "Bad news id\n";
return;
}
$row = mysql_fetch_assoc($result);
echo "<TABLE border=\"1\" width=\"300\">\n";
/* easier to read variables and
* striping out tags */
$title = htmlentities ($row['title']);
$news = nl2br (strip_tags ($row['newstext'], '<a><b><i><u>'));
/* display the items */
echo "<TR><TD><b>$title</b></TD></TR>\n";
echo "<TR><TD>$news</TD></TR>\n";
echo "</TABLE>\n";
echo "<BR>\n";
/* now show the comments */
displayComments($id);
}
function displayComments($id) {
/* bring db connection variable into scope */
global $db;
/* query for comments */
$query = "SELECT * FROM news_comments WHERE news_id=$id";
$result = mysql_query ($query);
echo "Comments:<BR><HR width=\"300\">\n";
/* display the all the comments */
while ($row = mysql_fetch_assoc ($result)) {
echo "<TABLE border=\"1\" width=\"300\">\n";
$name = htmlentities ($row['name']);
echo "<TR><TD><b>by: $name</b></TD></TR>\n";
$comment = strip_tags ($row['comment'], '<a><b><i><u>');
$comment = nl2br ($comment);
echo "<TR><TD>$comment</TD></TR>\n";
echo "</TABLE>\n";
echo "<BR>\n";
}
/* add a form where users can enter new comments */
echo "<HR width=\"300\">";
echo "<FORM action=\"{$_SERVER['PHP_SELF']}" .
"?action=addcomment&id=$id\" method=POST>\n";
echo "Name: <input type=\"text\" " .
"width=\"30\" name=\"name\"><BR>\n";
echo "<TEXTAREA cols=\"40\" rows=\"5\" " .
"name=\"comment\"></TEXTAREA><BR>\n";
echo "<input type=\"submit\" name=\"submit\" " .
"value=\"Add Comment\"\n";
echo "</FORM>\n";
}
function addComment($id) {
global $db;
/* insert the comment */
$query = "INSERT INTO news_comments " .
"VALUES('',$id,'{$_POST['name']}'," .
"'{$_POST['comment']}')";
mysql_query($query);
echo "Comment entered. Thanks!<BR>\n";
echo "<a href=\"{$_SERVER['PHP_SELF']}" .
"?action=show&id=$id\">Back</a>\n";
}
/* this is where the script decides what do do */
echo "<CENTER>\n";
switch($_GET['action']) {
case 'show':
displayOneItem($_GET['id']);
break;
case 'all':
displayNews(1);
break;
case 'addcomment':
addComment($_GET['id']);
break;
default:
displayNews();
}
echo "</CENTER>\n";
?> |
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
|
/ 8 
